Job Summary:
The Intersect Group is seeking an experienced Vulnerability Analyst to join our direct Banking client's Security team. The successful candidate will be responsible for identifying and analyzing vulnerabilities in our systems and applications and collaborating with other team members to develop and implement remediation plans. The role requires a deep understanding of security principles, best practices, and experience with vulnerability scanning and assessment tools such as Intune, SCCM, Tanium, and Tenable.
As a Vulnerability Analyst, you will play a critical role in ensuring the security of our organization's systems and data. You will work collaboratively with other members of the security team and IT teams to identify and remediate vulnerabilities in our environment. This position offers the opportunity to work with advanced security tools and technologies and to stay updated with the latest security trends and threats.
Key Responsibilities:
- Conduct regular vulnerability assessments of systems and applications using tools like Tanium and Tenable.
- Analyze and interpret vulnerability scan results, prioritizing vulnerabilities based on risk levels.
- Collaborate with cross-functional teams to develop and implement effective remediation plans for identified vulnerabilities.
- Conduct penetration testing and vulnerability research to identify new and emerging threats.
- Develop, update, and maintain security policies, procedures, and best practices.
- Monitor security logs and alerts to identify potential security incidents and respond appropriately.
- Investigate security incidents to determine root causes and formulate remediation strategies.
- Work with IT teams to ensure adherence to security policies and procedures.
- Develop and deliver security training and awareness programs for employees.
- Participate in internal and external security audits and assessments.
- Stay abreast of emerging security threats, vulnerabilities, and industry best practices.
- Provide technical guidance and mentorship to junior team members and peers.
- Collaborate with other teams to implement security controls, technologies, and secure coding practices.
- Participate in incident response activities as needed.
- Communicate with senior management and stakeholders about security risks, vulnerabilities, and incidents.
- Utilize ServiceNow Security Operations to manage and track security incidents and requests.
- Coordinate with third-party vendors and service providers to ensure compliance with security policies and procedures.
- Conduct risk assessments on new systems and applications before deployment.
- Assist in the development and implementation of disaster recovery and business continuity plans.
- Maintain comprehensive security-related documentation, including policies, standards, procedures, and guidelines.
- Conduct security reviews and assessments of third-party vendors and service providers.
- Provide input on the evaluation and selection of security tools and technologies.
- Perform continuous security research and provide recommendations for new security products and services.
- Assist in preparing and delivering security-related training and awareness programs.
Required Skills and Qualifications:
- Bachelor's degree in Computer Science, Information Technology, or a related field; or 10 years of equivalent experience.
- Minimum of 5-7 years of experience in information security, focusing on vulnerability management and assessment.
- Proficiency with vulnerability scanning and assessment tools such as Intune, SCCM, Tanium, and Tenable.
- Strong understanding of security principles, frameworks (e.g., NIST, ISO 27001, PCI DSS), and best practices.
- Excellent analytical, problem-solving, and communication skills.
- Ability to work independently and as a collaborative team member.
- Relevant industry certifications such as CISSP, CISA, GIAC are a plus.
- Experience with ServiceNow Security Operations.
- Familiarity with common network and system architectures and cloud security solutions (e.g., AWS, Azure).
- Experience with security incident response processes, SIEM platforms (e.g., Splunk, ArcSight, LogRhythm), EDR tools (e.g., Carbon Black, CrowdStrike, SentinelOne), and SOAR platforms (e.g., Demisto, Phantom, Swimlane).
- Strong scripting skills in languages like Python or PowerShell.
Preferred Experience:
- Experience with Security Information and Event Management (SIEM) platforms (e.g., IBM QRadar, McAfee Enterprise Security Manager, Rapid7 InsightIDR).
- Knowledge of Network Intrusion Detection and Prevention Systems (NIDS/NIPS) (e.g., Snort, Suricata, Bro).
- Familiarity with Cloud Security Posture Management (CSPM) tools (e.g., CloudCheckr, Dome9, Prisma Cloud).
- Experience with Identity and Access Management (IAM) solutions (e.g., Okta, Ping Identity, ForgeRock).
- Understanding of Data Loss Prevention (DLP) solutions (e.g., Symantec DLP, McAfee DLP, Forcepoint DLP).